CISOfy / lynis

Star

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening

Updated Jul 27, 2020
Shell

open-policy-agent / opa

Star

An open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance doge lolcat

Updated Jul 30, 2020
Go

ossec / ossec-hids

Star

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated Jul 9, 2020
C

cloud-custodian / cloud-custodian

Star

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated Jul 31, 2020
Python

toniblyx / prowler

Star

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail gdpr security-tools cis-benchmark aws-auditing prowler well-architected

Updated Jul 31, 2020
Shell

inspec / inspec

Star

InSpec: Auditing and Testing Framework

testing security devops tdd spec audit compliance inspec devsec tdd-utilities

Updated Jul 30, 2020
Ruby

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform

security elasticsearch log-analysis monitoring incident-response ids intrusion-detection pci-dss compliance security-hardening loganalyzer vulnerability-detection ossec openscap wazuh policy-monitoring security-awareness file-integrity-management

Updated Jul 31, 2020
C

liamg / tfsec

Star

🔒

🌍 Static analysis powered security scanner for your terraform code

aws security ci azure terraform scanner static-analysis compliance google-cloud-platform

Updated Jul 15, 2020
Go

nsacyber / Windows-Secure-Host-Baseline

Star

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

windows auditing certificates chrome-browser audit windows-10 windows-server compliance nessus group-policy applocker internet-explorer windows-firewall microsoft-office windows-server-2016 adobe-reader

Updated Sep 12, 2018
HTML

bridgecrewio / checkov

Star

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

kubernetes aws cloudformation azure terraform static-analysis gcp scans compliance aws-security azure-security gcp-security kubernetes-security bridgecrew misconfigurations checkov

Updated Jul 29, 2020
Python

ComplianceAsCode / content

Star

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Updated Jul 31, 2020
Python

square / sudo_pair

Star

Plugin for sudo that requires another human to approve and monitor privileged sudo sessions

linux rust security authentication pam sudo compliance pairing

Updated Jul 17, 2020
Rust

nexB / scancode-toolkit

Star

🔎 ScanCode detects licenses, copyrights, package manifests & dependencies and more by scanning code ... to discover and inventory open source and third-party packages used in your code.

licensing packages open-source-licensing foss scan provenance compliance dependencies license spdx spdx-license copyright license-management spdx-licenses license-checking license-scan package-scan copyright-scan software-composition-analysis oss-compliance

Updated Jul 31, 2020
C

eerkunt / terraform-compliance

Star

a lightweight, security focused, BDD test framework against terraform.

testing infrastructure terraform bdd bdd-style hashicorp compliance testing-framework

Updated Jul 31, 2020
Python

panther-labs / panther

Star

Detect threats with log data and improve cloud security posture

react python go graphql aws security typescript serverless etl bigdata compliance security-automation auto-remediation

Updated Jul 31, 2020
Go

OpenSCAP / openscap

Star

NIST Certified SCAP 1.2 toolkit

data-stream compliance scap xccdf oval cpe scanning openscap

Updated Jul 31, 2020
XSLT

privacyradius / gdpr-checklist

Star

The GDPR Checklist

checklist privacy gatsby compliance gdpr gdpr-checklist

Updated Jul 30, 2020
JavaScript

strongdm / comply

Star

Compliance automation framework, focused on SOC2

go golang templates compliance grc pdf-generation hipaa gdpr iso27001 documentation-toolchain soc2

Updated May 4, 2020
Go

rocketjob / symmetric-encryption

Star

Symmetric Encryption for Ruby Projects using OpenSSL

ruby encryption symmetric-keys openssl flight pci compliance initialization-vector meet-pci

Updated Jun 14, 2020
Ruby

fossology / fossology

Star

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.